<?
/***
*    This file is part of Marketorama.
*
*    Marketorama is free software: you can redistribute it and/or modify
*    it under the terms of the GNU General Public License as published by
*    the Free Software Foundation, either version 3 of the License, or
*    (at your option) any later version.
*
*    Marketorama is distributed in the hope that it will be useful,
*    but WITHOUT ANY WARRANTY; without even the implied warranty of
*    MERCHANTABILITY or FITNESS FOR A PARTICULAR *PURPOSE.  See the
*    GNU General Public License for more details.
*
*    You should have received a copy of the GNU General Public License
*    along with Marketorama.  If not, see <http://www.gnu.org/licenses/>.
***/
if ( ! defined('BASEPATH')) exit('No direct script access allowed'); 

/**
*    Class Login
*    
*    This class is responsible to authenticate users against the database. It set
*    ups the correct session variables and handles cookies.
*    This class is database dependant
*
**/
class Login {

    /**
    *    Function validateCredentials
    *
    *    It performs different actions. It authenticates the username and the
    *    password (md5) provided on calling. If it's success it generates the 
    *    session values and stores the cookie if the $rememberMe param is true.
    *
    *    $username: the username to validate
    *    $password_md5: the password already encrypted with MD5
    *    $rememberMe: a boolean that states if next login should be cookie-based
    *
    *    return: same data that is stored in the session
    **/
    function validateCredentials($username, $password_md5, $rememberMe)
    {
        $CI =& get_instance();

        $CI->db->where('UserName', $username);
        $CI->db->where('Password', $password_md5);
        $query=$CI->db->get('users');
        
        if($query->num_rows==1) //user/pwd combination is correct
        {
            $row=$query->row();
            //filling the session data array
            $data=array (
                'UserId' => $row->Id,
                'UserName' => $row->UserName,
                'FirstName' => $row->FirstName,
                'LastName' => $row->LastName,
                'EmailAddress' => $row->EmailAddress,
                'is_logged_in' => true);
            
            if ($rememberMe) //the remember me checkbox was checked
            {
                $CI->load->helper('cookie');
                set_cookie('AutoLoginUser', $username, 31536000, '.marketorama.org', '/', '');
                set_cookie('AutoLoginPassword', $password_md5, 31536000, '.marketorama.org', '/', '');
                //we store both username and md5 pwd in the cookie. 1 year validity.
            }
            
        } else {
            $data=array ('is_logged_in' => false);
            //didn't login
        }
        $CI->session->set_userdata($data); //store data in session
        return $data; //return session data just in case
    }
    /**
    *    Function isUserLoggedIn()
    *
    *    Verifies if the user is currently logged in. If not, but the rememberMe
    *    cookie is set, it tries to login with the cookie data. If it success, 
    *    the cookie is renewed
    *
    *    returns a boolean telling if any user is logged in
    *
    **/
    function isUserLoggedIn()
    {
        $CI =& get_instance();
        if($CI->session->userdata('is_logged_in')) //check current session data
        {    
            return true;
        }else{
            $CI->load->helper('cookie');
            if (get_cookie('AutoLoginUser') && get_cookie('AutoLoginPassword')) // check if there is cookie
            {
                // Keep in mind that this is like performing a normal login, so the cookie expiring period
                // will be fully renewed for another year every time the user enters the website
                $validation=validateCredentials(get_cookie('AutoLoginUser'), get_cookie('AutoLoginPassword'), true);
                return ($validation('is_logged_in')); //returns result of validateCredentials
            }else{
                return false; //everything went wrong
            }
        }
    }
    
    /**
    *    Function Logout()
    *
    *   Closes current session and removes all the cookies
    *
    **/
    function logout()
    {
        $CI =& get_instance();
        $CI->session->unset_userdata('is_logged_in');
        $CI->load->helper('cookie');
        delete_cookie('AutoLoginUser');
        delete_cookie('AutoLoginPassword');
    }
}

?>